W3C home > Mailing lists > Public > www-talk@w3.org > July to August 1995

Re: 3 Proposals: session ID, business-card auth, customer auth

From: Daniel W. Connolly <connolly@beach.w3.org>
Date: Tue, 18 Jul 1995 21:13:36 -0400
Message-Id: <199507190113.VAA28022@beach.w3.org>
To: jag@scndprsn.eng.sun.com (James Gosling)
Cc: brian@organic.com, tmyerson@iserver.interse.com, www-talk@w3.org
In message <9507182040.AA09151@norquay.Eng.Sun.COM>, James Gosling writes:
>> ******* I. The Request-ID: header field:
>> ******* II. The business-card authentication scheme
>The problem I have with many schemes like this (leaving the ethical
>questions alone for now!) is that they don't work in the face of proxy

No fair! I said there was a requisite IVth part that I didn't have
time to discuss, which is exactly this issue.

>  One
>solution to have a header field in the reply that contains
>something like this:
>	aggregate-demographics: email-addr
>Which if recieved by a proxy server would cause it to accumulate some
>standard set of useful-but-not-invasive statistics (if such exist!)
>about uses of the page and mail them to the email address on a
>periodic basis.

Yes, let's hammer this out, shall we? HTTP 1.1 will include a
notion of "manditory" stuff. How does one express it? I'll
fudge it for now.

I think HTTP put is as likely a mechanism as email. So perhaps
we'd see:

	200 Okie fnokey
	Content-Type: text/html
	Mandatory: Log-To:
	Log-To: mailto:web-logs@wired.com; content-type=text/x-CLFF;

	<title>cool stuff!</title>

	Log-To: http://www.wired.com/web-logs; content-type=text/x-CLFF
					 ^^^^^^^^^^^^ ala form ENCTYPE

The interval parameter (in seconds) tells how often to submit the
logs; or, more precisely, how long you can hold onto log data
before giving it to the origin server.

Received on Tuesday, 18 July 1995 21:15:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:32:57 UTC